[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: PGP - non-nonrepudiation
-----BEGIN PGP SIGNED MESSAGE-----
At 10:54 PM 2/5/99 -0600, Black Unicorn wrote:
>
>"But the agreement you signed with the brokerage waives the brokerage's
>liability for transactions where your keys are used."
>
That's perfectly valid. It's the signer relinquishing his right to
repudiate, because of a normal contract he signed with the verifier of the
signature. What's enforced in court is the normal contract, not some
fiction about non-repudiation as a side effect of using digital signatures.
>I concede that non-repudiation and its definition are issues but this is
>more than a bit defeatist. The excuse that "non-repudiation is too
>non-defined for us to try and accommodate any functionality that approaches
>it" is just silly.
I'm quite happy with the contract approach you outlined. It's just the
silly talk we occasionally hear about digital signatures giving
non-repudiation -- or some certificate from a properly blessed CA giving
non-repudiation that I contest. There are laws (e.g., Utah) that deprive
you of the right to repudiate if you get a certificate from some CA they
bless -- which is enough reason, in my mind, never to get a certificate from
such a CA. It was, after all, the Reg E right to repudiate credit card bill
line items that made electronic commerce thrive.
>I could apply this approach to encryption. "Why bother to encrypt? I have
>no idea who's at the other end. Anyone could be a man in the middle for my
>friend. They could sniff it with a Trojan horse on his computer. They
>could put a video camera in his ceiling and watch his screen, or his
>keyboard." This is effectively the approach you are taking.
In fact, I use that argument too. There is no such thing as a man in the
middle attack if I'm communicating with someone I don't know already. If I
have made contact with a stranger and some man in the middle is there, then
I'm still communicating directly and privately with a stranger: the man in
the middle. I have no reason to prefer him over the other stranger, given
that I don't already have a relationship with either of them. One might
argue that the MITM is dishonest while the other bloke is honest, but I defy
someone to create a protocol that tests for honesty.
>My point is that the brokerage does not now have the tools to even provide
>evidence of the signature in the first place, which- in fact- makes use of
>the signature pointless as it provides not even the slightest advance in
>non-repudiation. Might as well just keep taking passwords or use
>handwriting analysis.
Don't run down handwriting too much. The handwritten signature is, after
all, a biometric.
>If you want this software to be utilized in places where it counts, which is
>of course why we are in this game, or should be, then you have to improve
>the product/protocol, not try to explain why functionality that is
>needed/useful doesn't exist.
Of course.
>Mr. Geiger points out that this functionality, or lack thereof, is not a
>consequence of the OpenPGP data structure itself. Insofar as that is so
>this discussion is probably out of place anyhow.
Probably.
- Carl
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3
iQCVAwUBNrvm5BN3Wx8QwqUtAQEx8wP+JufBsjh9g4aWpm+m7rnqQKDYgPW7+4Bw
jg5XIhsUv59QOtNHWn3IDteFilnFNxYWLYpabX1iK8lQ/TJEcrvf+UUwnvYVLMxa
9Ov2v9LOm/7SV139DgaCOVxJ541fSKIPbN+F/Vr57jmsYggDrNz8lFNHuEYp/urj
13tMSqGKSnw=
=AByS
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@xxxxxxx http://www.pobox.com/~cme |
| PGP: 08FF BA05 599B 49D2 23C6 6FFD 36BA D342 |
+--Officer, officer, arrest that man. He's whistling a dirty song.-+